Hi, I have a JEE6 application deployed on Glassfish server.
I'm using a form based authentication using an LDAP realm in glassfish.
I have the following problem, when I use @RolesAllowed("CUSTOMER_READ") annotation the check in LDAP is for direct membership matching not nested matching.
If the CUSTOMER_READ group has the logged in user as member everything is fine,
but if CUSTOMER_READ has a GROUP member B and B has the logged in user the authorization fails.
Does anyone know how to perform nested membership matching with JEE6 annotations on Glassfish?
Any comment will be helpful,
The broblem was in Glassfish LDAP realm and how glassfish performs authentication.
Glassfish perform a direct membership group matching not a nested group matching.
Has anyone more info or any work around to perform a nested group matching in authentication